Cyber Security Analyst

Role Title: Cyber Resilience AnalystLocation: LATAM Work Model: Remote (aligned to US working hours) Engagement Type: Long-term contract Experience Level: Mid-Senior (3–7+ years relevant experience)About the OpportunityWe are a globally recognized IT consultancy supporting large-scale enterprise transformation initiatives across cloud, infrastructure, security, and platform engineering. Our teams operate as embedded partners within enterprise IT organizations, delivering high-impact outcomes across complex, multi-domain environments.This opportunity supports a Fortune 50 enterprise technology organization undergoing a transformation to align cyber resilience, business continuity, and risk management practices into a centralized operating model supported by ServiceNow IRM (Integrated Risk Management).This initiative is in an active definition and alignment phase, with key efforts focused on:Defining and aligning BCP tiers, recovery strategies, and resilience requirements Establishing standards for immutability, backup integrity, and cyber recovery Aligning global and regional policies across service assurance and cyber domains Translating resilience requirements into trackable controls within ServiceNow IRM This role plays a critical part in ensuring that resilience concepts are clearly defined, operationally realistic, and aligned to platform execution.Role OverviewThe Cyber Resilience Analyst will serve as a domain-focused translator, helping bridge the gap between:Cyber and infrastructure teams Business continuity and service assurance stakeholders GRC / IRM platform implementation teams The focus of this role is to interpret and structure resilience, recovery, and policy requirements so they can be consistently applied, measured, and integrated into the broader IRM model.Key ResponsibilitiesInterpret and structure business continuity and cyber resilience requirements, including: BCP tiers, RTO, RPO, and BIA inputs Recovery strategies and failover approaches Support definition of cyber resilience standards, including: Immutability and backup integrity concepts Cyber recovery and data vaulting approaches Partner with stakeholders to: Align global vs regional policy requirements Ensure consistency across service assurance and cyber domains Translate resilience requirements into: Actionable controls and governance structures Inputs for ServiceNow IRM mapping and tracking Collaborate with platform and BA teams to: Ensure alignment between policy intent and operational execution Identify gaps, inconsistencies, and dependencies Support development of: Documentation, process flows, and control definitions Inputs for reporting and executive visibility Contribute to ongoing refinement of resilience frameworks as the program evolves Required Qualifications3+ years of experience in: Business Continuity / Disaster Recovery (BC/DR) or Cyber Resilience Strong understanding of: RTO, RPO, BIA, and recovery planning concepts How outages and failures impact enterprise systems and services Experience working with: Infrastructure environments (cloud and/or on-prem) Cross-functional teams spanning cyber, infrastructure, and operations Ability to translate high-level resilience requirements into: Structured, actionable definitions Strong analytical and documentation skills, including: Process mapping and requirement articulation Ability to operate effectively in: ambiguous, evolving environments with parallel workstreams Preferred QualificationsExposure to: GRC / IRM platforms, particularly ServiceNow Familiarity with: Control frameworks such as NIST, ISO 22301, ISO 27001, COBIT Experience with: Backup and recovery technologies, including immutability concepts Cyber data vaulting or isolation strategies Understanding of: Cloud environments (AWS, Azure, GCP) and enterprise architecture Experience working in: Agile or SAFe delivery environments Comfort with: Supporting UAT cycles, stakeholder coordination, and reporting artifacts What This Role IsA domain-focused resilience and recovery specialist aligned to enterprise needs A translator between policy, cyber, and operational teams A contributor to defining what resilience means in practice A key enabler of structured inputs into GRC / IRM platforms What This Role Is NotNot a purely technical engineering or infrastructure build role Not limited to documentation without domain context Not a standalone compliance role disconnected from operations Not responsible for platform configuration—focus is on domain definition and alignment